Class: AWSCDK::OpenSearchService::CfnDomain::SAMLOptionsProperty

Inherits:
Jsii::Struct
  • Object
show all
Defined in:
open_search_service/cfn_domain.rb

Overview

Container for information about the SAML configuration for OpenSearch Dashboards.

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(enabled: nil, idp: nil, master_backend_role: nil, master_user_name: nil, roles_key: nil, session_timeout_minutes: nil, subject_key: nil) ⇒ SAMLOptionsProperty

Returns a new instance of SAMLOptionsProperty.

Parameters:

  • enabled (Boolean, AWSCDK::IResolvable, nil) (defaults to: nil)

    True to enable SAML authentication for a domain.

  • idp (AWSCDK::IResolvable, AWSCDK::OpenSearchService::CfnDomain::IdpProperty, nil) (defaults to: nil)

    The SAML Identity Provider's information.

  • master_backend_role (String, nil) (defaults to: nil)

    The backend role that the SAML master user is mapped to.

  • master_user_name (String, nil) (defaults to: nil)

    The SAML master user name, which is stored in the domain's internal user database.

  • roles_key (String, nil) (defaults to: nil)

    Element of the SAML assertion to use for backend roles.

  • session_timeout_minutes (Numeric, nil) (defaults to: nil)

    The duration, in minutes, after which a user session becomes inactive.

  • subject_key (String, nil) (defaults to: nil)

    Element of the SAML assertion to use for the user name.



2263
2264
2265
2266
2267
2268
2269
2270
2271
2272
2273
2274
2275
2276
2277
2278
# File 'open_search_service/cfn_domain.rb', line 2263

def initialize(enabled: nil, idp: nil, master_backend_role: nil, master_user_name: nil, roles_key: nil, session_timeout_minutes: nil, subject_key: nil)
  @enabled = enabled
  Jsii::Type.check_type(@enabled, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3sicHJpbWl0aXZlIjoiYm9vbGVhbiJ9LHsiZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifV19fQ==")), "enabled") unless @enabled.nil?
  @idp = idp.is_a?(Hash) ? ::AWSCDK::OpenSearchService::CfnDomain::IdpProperty.new(**idp.transform_keys(&:to_sym)) : idp
  Jsii::Type.check_type(@idp, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c19vcGVuc2VhcmNoc2VydmljZS5DZm5Eb21haW4uSWRwUHJvcGVydHkifV19fQ==")), "idp") unless @idp.nil?
  @master_backend_role = master_backend_role
  Jsii::Type.check_type(@master_backend_role, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "masterBackendRole") unless @master_backend_role.nil?
  @master_user_name = master_user_name
  Jsii::Type.check_type(@master_user_name, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "masterUserName") unless @master_user_name.nil?
  @roles_key = roles_key
  Jsii::Type.check_type(@roles_key, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "rolesKey") unless @roles_key.nil?
  @session_timeout_minutes = session_timeout_minutes
  Jsii::Type.check_type(@session_timeout_minutes, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJudW1iZXIifQ==")), "sessionTimeoutMinutes") unless @session_timeout_minutes.nil?
  @subject_key = subject_key
  Jsii::Type.check_type(@subject_key, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "subjectKey") unless @subject_key.nil?
end

Instance Attribute Details

#enabledBoolean, ... (readonly)

True to enable SAML authentication for a domain.



2284
2285
2286
# File 'open_search_service/cfn_domain.rb', line 2284

def enabled
  @enabled
end

#idpAWSCDK::IResolvable, ... (readonly)

The SAML Identity Provider's information.



2289
2290
2291
# File 'open_search_service/cfn_domain.rb', line 2289

def idp
  @idp
end

#master_backend_roleString? (readonly)

The backend role that the SAML master user is mapped to.



2294
2295
2296
# File 'open_search_service/cfn_domain.rb', line 2294

def master_backend_role
  @master_backend_role
end

#master_user_nameString? (readonly)

The SAML master user name, which is stored in the domain's internal user database.



2299
2300
2301
# File 'open_search_service/cfn_domain.rb', line 2299

def master_user_name
  @master_user_name
end

#roles_keyString? (readonly)

Element of the SAML assertion to use for backend roles.

Default is roles .



2306
2307
2308
# File 'open_search_service/cfn_domain.rb', line 2306

def roles_key
  @roles_key
end

#session_timeout_minutesNumeric? (readonly)

The duration, in minutes, after which a user session becomes inactive.

Acceptable values are between 1 and 1440, and the default value is 60.



2313
2314
2315
# File 'open_search_service/cfn_domain.rb', line 2313

def session_timeout_minutes
  @session_timeout_minutes
end

#subject_keyString? (readonly)

Element of the SAML assertion to use for the user name.

Default is NameID .



2320
2321
2322
# File 'open_search_service/cfn_domain.rb', line 2320

def subject_key
  @subject_key
end

Class Method Details

.jsii_propertiesObject



2322
2323
2324
2325
2326
2327
2328
2329
2330
2331
2332
# File 'open_search_service/cfn_domain.rb', line 2322

def self.jsii_properties
  {
    :enabled => "enabled",
    :idp => "idp",
    :master_backend_role => "masterBackendRole",
    :master_user_name => "masterUserName",
    :roles_key => "rolesKey",
    :session_timeout_minutes => "sessionTimeoutMinutes",
    :subject_key => "subjectKey",
  }
end

Instance Method Details

#to_jsiiObject



2334
2335
2336
2337
2338
2339
2340
2341
2342
2343
2344
2345
2346
# File 'open_search_service/cfn_domain.rb', line 2334

def to_jsii
  result = {}
  result.merge!({
    "enabled" => @enabled,
    "idp" => @idp,
    "masterBackendRole" => @master_backend_role,
    "masterUserName" => @master_user_name,
    "rolesKey" => @roles_key,
    "sessionTimeoutMinutes" => @session_timeout_minutes,
    "subjectKey" => @subject_key,
  })
  result.compact
end